This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft File: PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft (raw, json) Hash identifier: BSEY8RaH23C+Jt4tlsliXK2cSQk1nOZdMQgo1rX84bE= Subject key identifier: F3:39:F7:5C:60:EB:C5:9D:5B:9F:5B:A5:46:98:F5:A4:05:91:1E:B5 Authority key identifier: 3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97 Certificate issuer: /CN=3c1415421685ace3682f161d310d92726cdfb097 Certificate serial: 019B19BB1FC227DA80031847894D028BE28E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft Manifest number: 1772 Signing time: Sat 13 Dec 2025 22:00:52 +0000 Manifest this update: Sat 13 Dec 2025 22:00:52 +0000 Manifest next update: Sun 14 Dec 2025 22:00:52 +0000 Files and hashes: 1: PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl (hash: e5AEUqNyzPSoRLgE0xjQfnoBmccRPS+9Cbo7LWp016Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 22:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:bb:1f:c2:27:da:80:03:18:47:89:4d:02:8b:e2:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c1415421685ace3682f161d310d92726cdfb097 Validity Not Before: Dec 13 22:00:52 2025 GMT Not After : Dec 14 22:00:52 2025 GMT Subject: CN=f339f75c60ebc59d5b9f5ba54698f5a405911eb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:fc:bf:4d:06:e3:75:99:d6:60:b1:15:cb:04: c0:85:11:11:78:c6:6d:99:e2:d0:27:9f:ab:e3:de: 16:76:c5:57:7f:8f:63:2a:ff:af:66:68:a3:cc:b7: ba:d5:b6:f9:a5:16:bf:d5:0b:78:e5:c1:14:9d:d0: 31:1d:a8:68:a4:8b:b4:8a:8f:20:8f:8d:7d:74:5f: 74:8e:be:68:fc:f2:e9:9f:53:2f:92:25:83:a0:89: 01:d0:6a:80:cb:41:1a:71:a7:9e:de:9f:87:98:9a: 4e:bd:fd:66:ca:9a:20:76:c9:12:cf:b4:c9:c1:50: 9a:bf:49:b1:c8:e5:e8:20:17:22:2f:d6:d8:dc:6a: 8c:1e:20:35:0e:ce:3e:d0:90:ce:77:6d:6c:0e:13: 1c:a5:39:31:06:a0:c6:4e:36:70:32:89:d8:d0:ae: 39:1a:1f:83:54:23:ca:48:7c:82:2c:a2:77:db:c0: 90:f2:45:05:1e:fa:e4:b8:1c:d4:34:9c:6e:53:a5: 21:41:57:1d:c6:1c:07:0c:7d:d4:5d:a7:39:ba:1c: 4d:c0:85:5f:a4:3b:59:f4:fd:09:a2:e8:07:9b:ed: 4f:ab:79:66:df:d6:73:69:f8:d1:17:ab:cf:a4:62: 19:33:0d:83:07:f9:a9:d0:b1:93:32:78:00:16:c8: 00:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:39:F7:5C:60:EB:C5:9D:5B:9F:5B:A5:46:98:F5:A4:05:91:1E:B5 X509v3 Authority Key Identifier: keyid:3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:97:37:54:0f:f9:d2:0a:75:4a:fa:c3:ed:3e:ff:38:ae:3b: 7d:76:da:6c:67:2a:23:dc:e9:44:04:82:2e:28:98:53:ac:de: bd:08:ea:69:44:c9:62:c1:54:d4:5a:0f:03:9c:53:49:c9:c3: 6a:49:4e:f0:9f:fc:e0:b5:ab:cc:d7:0d:17:1c:75:82:a7:62: 1e:54:25:00:ca:84:62:9f:1a:70:3c:a2:98:3d:c3:2d:6c:fb: fa:76:ee:73:b0:8f:10:dc:24:04:61:ef:5e:de:b3:f7:90:ac: 8e:96:1b:6c:5f:78:c1:eb:5f:f3:0f:2f:a2:5b:15:ba:c9:bd: 68:58:a3:b7:d8:e6:64:d0:a3:d1:7f:c6:b7:2e:28:f7:c8:bd: 37:a5:9a:cb:dd:47:00:be:b5:1c:98:95:8c:a8:18:aa:bc:a0: f4:f7:4e:dc:bf:52:aa:54:a0:f6:a2:aa:de:1d:92:74:88:54: f4:17:98:a6:06:0a:78:6f:b3:23:0d:29:16:80:ce:4b:20:f1: d6:42:b6:f8:5f:94:7c:2d:16:50:bb:b1:d5:3e:20:cb:66:77: 46:ec:a7:61:43:77:fa:ec:32:de:ee:e0:8e:7d:59:40:ff:37: d9:aa:f2:ef:60:85:6e:25:e9:24:33:cc:1e:85:fb:bd:ba:80: 0c:0d:43:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZux/CJ9qAAxhHiU0Ci+KOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMTQxNTQyMTY4NWFjZTM2ODJmMTYxZDMxMGQ5MjcyNmNk ZmIwOTcwHhcNMjUxMjEzMjIwMDUyWhcNMjUxMjE0MjIwMDUyWjAzMTEwLwYDVQQD EyhmMzM5Zjc1YzYwZWJjNTlkNWI5ZjViYTU0Njk4ZjVhNDA1OTExZWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfy/TQbjdZnWYLEVywTAhREReMZt meLQJ5+r494WdsVXf49jKv+vZmijzLe61bb5pRa/1Qt45cEUndAxHahopIu0io8g j419dF90jr5o/PLpn1MvkiWDoIkB0GqAy0Eacaee3p+HmJpOvf1mypogdskSz7TJ wVCav0mxyOXoIBciL9bY3GqMHiA1Ds4+0JDOd21sDhMcpTkxBqDGTjZwMonY0K45 Gh+DVCPKSHyCLKJ328CQ8kUFHvrkuBzUNJxuU6UhQVcdxhwHDH3UXac5uhxNwIVf pDtZ9P0JougHm+1Pq3lm39ZzafjRF6vPpGIZMw2DB/mp0LGTMngAFsgAEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPM591xg68WdW59bpUaY9aQFkR61MB8GA1UdIwQY MBaAFDwUFUIWhazjaC8WHTENknJs37CXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgt MWUxMjI4MzhhMTExLzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgtMWUxMjI4MzhhMTEx LzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPJc3VA/5 0gp1SvrD7T7/OK47fXbabGcqI9zpRASCLiiYU6zevQjqaUTJYsFU1FoPA5xTScnD aklO8J/84LWrzNcNFxx1gqdiHlQlAMqEYp8acDyimD3DLWz7+nbuc7CPENwkBGHv Xt6z95CsjpYbbF94wetf8w8volsVusm9aFijt9jmZNCj0X/Gty4o98i9N6Way91H AL61HJiVjKgYqryg9PdO3L9SqlSg9qKq3h2SdIhU9BeYpgYKeG+zIw0pFoDOSyDx 1kK2+F+UfC0WULux1T4gy2Z3RuynYUN3+uwy3u7gjn1ZQP832ary72CFbiXpJDPM HoX7vbqADA1DbA== -----END CERTIFICATE-----Generated at Sun Dec 14 07:44:10 2025 by rpki-client